CVE-2016-9933 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
Stack consumption vulnerability has been discovered in the gdImageFillToBorder function in gd.c in the GD Graphics Library (aka libgd) before 2.2.2, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (segmentation violation) via a crafted imagefilltoborder call that triggers use of a negative color value.
Group Package Affected Fixed Severity Status Ticket
AVG-58 php 7.0.12-2 7.0.13-1 High Fixed
Date Advisory Group Package Severity Description
18 Nov 2016 ASA-201611-19 AVG-58 php High multiple issues
References
https://bugs.php.net/bug.php?id=72696
https://github.com/php/php-src/commit/863d37ea66d5c960db08d6f4a2cbd2518f0f80d1
http://www.openwall.com/lists/oss-security/2016/12/12/2